Vitaldevara, CA

Krish Vitaldevara, Fremont, CA US

Patent application number

Description

Published

20120278887

REPORTING COMPROMISED EMAIL ACCOUNTS - The claimed subject matter provides a method for detecting compromised accounts. The method includes receiving a communication from a sender's account to a recipient. The sender's account is associated with a sender. The method also includes presenting a compromised account reporting interface to the recipient based on specific conditions. Further, the method includes receiving a selection by the recipient indicating the sender's account is compromised. The method also includes determining that the sender's account is compromised based on the selection. Additionally, the method includes generating, in response to a selection by the recipient, a report indicating that the account is compromised.

11-01-2012

20140096189

USING TRUSTED DEVICES TO AUGMENT LOCATION-BASED ACCOUNT PROTECTION - An authentication process receives information identifying a user, a device used by the user and a location in which the device is being used. That authentication process determines whether the location is among a set of familiar locations stored about the user for a service being accessed. If the location is not among the set of familiar locations, then the user is not authenticated. A desirable user experience can be obtained by using information about any existing relationship, such as a synchronization relationship, between the device and the service established at a prior familiar location. Instead of challenging a user whose device is in an unfamiliar location, the authentication process determines whether the device has a relationship established with the service. If the device has a relationship established with the service, then the set of familiar locations is updated to include the location in which the device is being used.

04-03-2014

Krishna Vitaldevara, Fremont, CA US

Patent application number

Description

Published

20110282948

EMAIL TAGS - Email tags are described. In embodiments, email messages are received for distribution to client devices that correspond to respective recipients of the email messages. Email routing decisions are applied to route an email message to an email folder for a recipient of the email message, where the email folder may include an email inbox, a junk folder, or a user-created folder. The email message is then tagged with an email tag to generate a tagged email message. The email tag includes a routing description that indicates why the email message was routed to the particular email folder.

11-17-2011

20110296003

USER ACCOUNT BEHAVIOR TECHNIQUES - User account behavior techniques are described. In implementations, a determination is made as to whether interaction with a service provider via a user account deviates from a model. The model is based on behavior that was previously observed as corresponding to the user account. Responsive to a determination that the interaction deviates from the model, the user account is flagged as being potentially compromised by a malicious party.

12-01-2011

20110296524

Campaign Detection - Campaign detection techniques are described. In implementations, a signature is computed for each of a plurality of emails to be communicated by a service provider to respective intended recipients. A determination is made that two or more of the plurality of emails is similar based on the respective signatures. Responsive to a finding that a number of similar emails exceeds a threshold, an indication is output that the similar emails have a likelihood of being involved in a spam campaign.

12-01-2011

20120167174

TRUSTED EMAIL SENDER INDICATORS - In embodiments of trusted email sender indicators, email messages are received for distribution, and validation techniques can be applied to determine whether a sender of an email message is trusted. If the sender of the email message is determined to be trusted, a trusted sender indicator can be associated with the email message for display with the email message. The trusted sender indicator indicates that the email message is from a trusted sender, such as when the trusted sender indicator is displayed along with the email message at a recipient client device.

06-28-2012

20120246720

USING SOCIAL GRAPHS TO COMBAT MALICIOUS ATTACKS - Detection of user accounts associated with spammer attacks may be performed by constructing a social graph of email users. Biggest connected components (BCC) of the social graph may be used to identify legitimate user accounts, as the majority of the users in the biggest connected components are legitimate users. BCC users may be used to identify more legitimate users. Using degree-based detection techniques and PageRank based detection techniques, the hijacked user accounts and spammer user accounts may be identified. The users' email sending and receiving behaviors may also be examined, and the subgraph structure may be used to detect stealthy attackers. From the social graph analysis, legitimate user accounts, malicious user accounts, and compromised user accounts can be identified.

09-27-2012

20120259929

GEO-DATA SPAM FILTER - Geo-data spam filters are described. In one or more implementations, origin data and language data of a message are evaluated to establish a score for the message indicating a likelihood that the message is spam. The evaluation includes comparing the origin data and the language data to ranked lists indicating message origins and languages with which a respective message recipient interacts positively and ranked lists indicating message origins and languages with which the respective recipient interacts negatively. Interactions of the respective recipient with previously sent messages may be tracked to form these lists. Based on the score established by evaluating the origin data and the language data of the message, the message is filtered for delivery.

10-11-2012

20120290712

Account Compromise Detection - Techniques for account compromise detection are described. In one or more implementations, a usage pattern is established for a user account of a service provider, where the service provider is configured to provide a plurality of web services for access via a network and the usage pattern describes interaction with one or more of the plurality of web services. A deviation is detected in subsequent activity associated with the user account from the usage pattern and a determination is made as to whether compromise the user account is likely based at least in part on the detection.

11-15-2012

20120304260

PROTECTION FROM UNFAMILIAR LOGIN LOCATIONS - In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface

11-29-2012

20130086180

Message Classification and Management - Message management and classification techniques are described. In one or more implementations, a message received from a sender for delivery via a user account is examined to extract one or more features of the message. A determination is then made as to whether the message corresponds to one or more categories based on the extracted features, the categories usable to enable features to be applied to the message in a user interface.

04-04-2013

20130086181

IDENTIFYING FIRST CONTACT UNSOLICITED COMMUNICATIONS - Techniques involving identification of electronic messages that are the first contact between the sender identification and addressed recipients. One representative technique includes identifying electronic messages originating from a sender that are first contact electronic messages between the sender and targeted recipients. The sender of the electronic messages may be designated as a source of unsolicited messages if heuristics involving the first contact electronic messages indicate a distribution of unsolicited messages by the sender.

04-04-2013

20130185791

VOUCHING FOR USER ACCOUNT USING SOCIAL NETWORKING RELATIONSHIP - Trusted user accounts of an application provider are determined. Graphs, such as trees, are created with each node corresponding to a trusted account. Each of the nodes is associated with a vouching quota, or the nodes may share a vouching quota. Untrusted user accounts are determined. For each of these untrusted accounts, a trusted user account that has a social networking relationship is determined. If the node corresponding to the trusted user account has enough vouching quota to vouch for the untrusted user account, then the quota is debited, a node is added for the untrusted user account to the graph, and the untrusted user account is vouched for. If not, available vouching quota may be borrowed from other nodes in the graph.

Geo-Data Spam Filter - Geo-data spam filters are described. In one or more implementations, origin data and language data of a message are evaluated to establish a score for the message indicating a likelihood that the message is spam. The evaluation includes comparing the origin data and the language data to ranked lists indicating message origins and languages with which a respective message recipient interacts positively and ranked lists indicating message origins and languages with which the respective recipient interacts negatively. Interactions of the respective recipient with previously sent messages may be tracked to form these lists. Based on the score established by evaluating the origin data and the language data of the message, the message is filtered for delivery.

04-17-2014

20140156776

IDENTIFYING FIRST CONTACT UNSOLICITED COMMUNICATIONS - Techniques involving identification of electronic messages that are the first contact between the sender identification and addressed recipients. One representative technique includes identifying electronic messages originating from a sender that are first contact electronic messages between the sender and targeted recipients. The sender of the electronic messages may be designated as a source of unsolicited messages if heuristics involving the first contact electronic messages indicate a distribution of unsolicited messages by the sender.

06-05-2014

Patent applications by Krishna Vitaldevara, Fremont, CA US

Krishna C. Vitaldevara, Fremont, CA US

Patent application number

Description

Published

20100174788

HONORING USER PREFERENCES IN EMAIL SYSTEMS - In a distributed email system, user preferences respected more effectively by presenting messages marked for deletion to secondary messaging servers having access to user preferences. Messages marked for deletion by inbound servers are presented to secondary level servers having access to user white lists and the choice of whether to delete the suspect message is made by the secondary server.

07-08-2010

20100175103

REACTIVE THROTTLING OF INBOUND MESSAGES AND RANGES - A method for throttling inbound email messages in an enterprise email system including a plurality of inbound mail servers and at least one management server is provided. Policies defining message event limits for each unique sender are applied to messaging events from the unique sender at each inbound server. Feedback from each of the inbound mail servers to the management server is provided. When events from a unique sender exceed a threshold, as determined by the management server using the feedback, an alert is generated and a new, more restrictive policy for the unique sender is created. The more restrictive policy is broadcast the more restrictive policy to each of the inbound mail servers.

07-08-2010

20100199338

ACCOUNT HIJACKING COUNTER-MEASURES - A method for providing an additional layer of authentication prior to accessing a user's account even though the user's credentials have previously been verified. User accounts are often accessed via a sign-in page that verifies the user's credentials. Upon detecting a device accessing the sign-in page, an identifier associated with the device is obtained. One such type of identifier is the IP address assigned to the device. Based on the identifier, it is determined whether the device is trusted or not. Even thought the user's credentials are verified via the sign-in page, if the device is not trusted, a second authentication page is presented to the user prior to proceeding to the account. The second authentication page presents at least one security question. The security question is based on information contained in the user's account (e.g., contact information, event information, electronic messages, etc.). The user is required to correctly answer the security question in order to access the account.

08-05-2010

20100205259

EMAIL MANAGEMENT BASED ON USER BEHAVIOR - Methods for assisting email users manage email messages received in an email account. An event is triggered by an action performed by an email user with respect to an email message in an email account. The event identifies an entity associated with the email message (e.g., sender address, domain, keyword, etc.). A determination is made whether to assist the user manage their email based on a heuristic. The heuristic assigns weights based on prior events associated with the same entity to determine whether the user is interested in receiving emails from the sender. Based on the heuristics, the method may add the sender to the user's block-list or unsubscribe the user from a mailing list.

08-12-2010

20100332601

REAL-TIME SPAM LOOK-UP SYSTEM - A system and method of managing unsolicited email sent to an email system over a network. Email messages are received at an message at an inbound mail transfer agent. A determination is made as to whether the email message is suspected to be an unsolicited suspect message. One or more queries for additional information on one or more characteristics of the message is initiated. Determinations are made based on replies to the queries before issuing a message accepted for delivery indication to a sending server.

12-30-2010

20110191832

RESCUING TRUSTED NODES FROM FILTERING OF UNTRUSTED NETWORK ENTITIES - Network entities controlling a set of nodes may vary by trustworthiness, such as tolerance for nodes that send spam, distribute malware, or perform denial-of-service attacks. A device receiving such activities may identify a trust rating of the network entity and apply appropriately stringent filtering (such as spam evaluation) to activities received from nodes controlled by the network entity. However, a poor trust rating of a network entity may subject a legitimate node controlled by the network entity to inefficiently or unfairly stringent activity filtering. Instead, the device may evaluate the activities of a particular node, assign a trust rating to the node, and if the trust rating of the node is higher than the trust rating of the network entity, apply less stringent activity filtering to the activities of the node, thereby “rescuing” the node from the more stringent activity filtering applied to the other nodes of the network entity.

08-04-2011

20110191847

ACTIVITY FILTERING BASED ON TRUST RATINGS OF NETWORK ENTITIES - The filtering of activities generated by nodes of a network while interacting with a device may be performed by evaluating the desirability of the activities (e.g., a spam or not-spam determination of email messages sent by the node) and assigning a trust rating to the node. However, nodes are often identified by network address, and an operator of a node sending undesirable activities may reassign the network address of the node in order to avoid heavy filtering. Instead, nodes may be identified as being controlled by a network entity (e.g., an autonomous system identified in a border gateway protocol routing table.) The network entity is assigned a network entity trust rating based on the trust ratings of the nodes controlled thereby, and an appropriate level of activity filtering based on the network entity trust rating may be selected for subsequent activities received from all nodes controlled by the network entity.

08-04-2011

20110246583

Delaying Inbound And Outbound Email Messages - A computer implemented system and method to enable protection of email users from unsolicited bulk email using a message delivery delay based on characteristics detected in selected messages. Messages are evaluated for characteristics resembling unsolicited bulk email. A determination is made whether a message passing through the email system exhibits such characteristics and whether to delay the message. Suspect messages may be delayed for a period of time, the delay period being dependent on the characteristics giving rise to a determination to delay. Following the period, additional information received during the delay period characterizing the message is used to determine whether to dispose or deliver the message. Messages evaluated can be inbound to the email system, outbound to other email systems, or moving within the email system.

10-06-2011

20110246584

Personalized Email Interactions Applied To Global Filtering - A computer implemented method for filtering unwanted bulk email in an email system and providing a positive user experience is provided. The method enables protection of email users from unsolicited bulk email using user-provided data on user interactions at both a user storage level and a global level with an email system. Metadata on user interactions with messages is collected. Messages are received by the system and evaluated using a global filter which assigns a score resulting in a message action. The action may be message delivery, message non-delivery or message routing, based on a score assigned by the global filter. When the message is delivered to user storage, the message may be examined relative to the metadata, and may alter the message action to an action different than the message action resulting from the score. Metadata for a plurality of users is returned to the global filter for use in making filtering future messages and modifies the global filter.

10-06-2011

20140123257

COMMUNICATING STATE INFORMATION TO LEGACY CLIENTS USING LEGACY PROTOCOLS - When a user account is in an alternate (fault) state, communication or sync between an application provider and a device or client application typically is interrupted. When parties do not support rich fault messaging, communication of the reason for the interruption and remediation steps has been impossible. An application server provides rich fault messaging using applications that do not provide explicit error messaging and protocols that do not provide explicit error messaging without changing either the application or the protocol by additional interactions between an identity provider and the application server. The application server uses authentication state information provided by the identity server to generate a notification sync event that appears to the application and the protocol to be a normal sync event. The notification sync event is used to provide the user with information needed to determine what the problem with the account is and how to fix it.

05-01-2014

Patent applications by Krishna C. Vitaldevara, Fremont, CA US

Krishna Charan Vitaldevara, Fremont, CA US

Patent application number

Description

Published

20100251362

DYNAMIC SPAM VIEW SETTINGS - A method of displaying email messages to a user is provided. Spam classification information and meta data is associated with email messages received for a user. Email message summary information is displayed in a user interface based on whether the meta data associated with the message meets or exceeds a threshold display level for the summary information. The user provides input via the user interface which is an indication to change the threshold display level and the change is dynamically displayed.

09-30-2010

20110258278

TIME TRAVELLING EMAIL MESSAGES AFTER DELIVERY - Systems and methods for reviewing email messages after delivery to an inbox. An inbox filter maintains a suspect list identifying of the email messages including unwanted content and identifies unread email messages in the inbox of the user. The inbox filter moves each identified unread email message to a suspect folder when the determined source of the identified unread email message is contained in the suspect list of sources.